Host key verification failed.

JustTakeTheFirstStep · ‎03-10-2025

$ ssh -l netadmin 10.10.10.10 -p 830
FIPS mode initialized
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256: xxx
Please contact your system administrator.
Add correct host key in /home/maglev/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/maglev/.ssh/known_hosts:2
  remove with:
  ssh-keygen -f "/home/maglev/.ssh/known_hosts" -R "[10.10.10.10]:830"
RSA host key for [10.10.10.10]:830 has changed and you have requested strict checking.
Host key verification failed.

$ cat /home/maglev/.ssh/known_hosts
cat: can't open '/home/maglev/.ssh/known_hosts': No such file or directory

$ ssh-keygen -f "/home/maglev/.ssh/known_hosts" -R "[10.10.10.10]:830"
Unknown Command: ssh-keygen

DNAC Ver 2.3.7.7-70047
Perhaps there was an issue with the RSA key after the WLC switchover.
Can someone help me?

balaji.bandi · ‎03-11-2025

10.10.10.10

is this IP VIP of the WLC HA ? how about when you try IP address of the WLC

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

maflesch · ‎03-12-2025

You can't use that command or access the file because you are in the restricted shell. You will need a TAC case to get the token to elevate out of the restricted shell and clear the old value from the known hosts file.